package cn.ljy.authority.config.security.user;

import cn.ljy.common.model.result.ResponseData;
import cn.ljy.common.model.result.ResultCode;
import cn.ljy.common.utils.ResponseUtil;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;


/**
 * 自定义权限不足处理程序
 * 说明：处理spring security的权限异常
 * AccessDeniedException
 * 该异常实现了很多子类。子类都是涉及到权限校验问题的。
 */
@Component
public class UserAccessDeniedHandler implements AccessDeniedHandler {

    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) throws IOException, ServletException {
        ResponseUtil.responseJson(response, ResponseData.error(ResultCode.FORBIDDEN.getCode(),ResultCode.FORBIDDEN.getMsg()));
    }
}
